holepunch 1.2.0 → 1.3.0
- checksums.yaml +4 -4
- data/lib/holepunch.rb +4 -4
- data/lib/holepunch/cli.rb +10 -7
- data/lib/holepunch/definition.rb +1 -12
- data/lib/holepunch/dsl.rb +6 -1
- data/lib/holepunch/ec2.rb +9 -6
- data/lib/holepunch/version.rb +1 -1
- metadata +2 -2
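--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8a08441876887342e6570fd07d22796ca946409b
+data.tar.gz: 2be013a42dbca64d9ee952082bb855846950292c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f072b9211e176a12c861cf3e163e8d171392927a3238849108e8a906154a5a373f2dadd823abc34718fc2512229bdc7cecb22dc77d8dd82c0833b023be3c3557
+data.tar.gz: 309dd74b73a0ad8ee8cf89c55c6b3d0c6e1a458dd9e1a72d84e634462ff4f5854f690a52080822d9684cfd52d04acbafd33360f7bb1cd7295cfd09129cd7ddfb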
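--- a/data/lib/holepunch.rb
+++ b/data/lib/holepunch.rb
@@ -46,7 +46,7 @@ module HolePunch
 # @option opts [String] :aws_secret_access_key the AWS secret access key
 # @option opts [String] :aws_region the AWS region
 def apply(filename, env, opts = {})
-definition =
+definition = DSL.evaluate(filename, env)
 ec2 = EC2.new(opts)
 ec2.apply(definition)
 end
@@ -58,7 +58,7 @@ module HolePunch
 # @param env [String, nil] the environment
 # @param groups [Array<String>] the list of security groups to check
 def defined?(filename, env, groups)
-definition =
+definition = DSL.evaluate(filename, env)
 groups.all? do |group_id|
 definition.groups.include?(group_id)
 end
@@ -71,7 +71,7 @@ module HolePunch
 # @param env [String, nil] the environment
 # @param groups [Array<String>] the list of security groups to check
 def select_undefined(filename, env, groups)
-definition =
+definition = DSL.evaluate(filename, env)
 groups.reject do |group_id|
 definition.groups.include?(group_id)
 end
@@ -86,7 +86,7 @@ module HolePunch
 #
 # @return [Array<String>] the list of security group names
 def service_groups(filename, env, name)
-definition =
+definition = DSL.evaluate(filename, env)
 service = definition.services[name]
 raise ServiceDoesNotExistError, "service '#{name}' not found" if service.nil?
 service.groups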
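Review bot: The `@option opts` list above `apply` (first hunk) stops at `:aws_region`, yet in this release `EC2.new(opts)` also reads `opts[:aws_vpc_id]` (see the ec2.rb section), so library callers have no documented way to target a VPC. I would add `# @option opts [String] :aws_vpc_id the VPC ID (for VPC security groups)` directly after the `:aws_region` line. The doc block begins above the hunk, so the earlier options are not visible here.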
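--- a/data/lib/holepunch/cli.rb
+++ b/data/lib/holepunch/cli.rb
@@ -30,17 +30,19 @@ module HolePunch
 
 default_task :apply
 
-option :'aws-access-key', aliases: :A,
+option :'aws-access-key', aliases: :A, type: :string, default: ENV['AWS_ACCESS_KEY_ID'], desc:
 'Your AWS Access Key ID'
-option :'aws-secret-access-key', aliases: :k,
+option :'aws-secret-access-key', aliases: :k, type: :string, default: ENV['AWS_SECRET_ACCESS_KEY'], desc:
 'Your AWS API Secret Access Key'
-option :'aws-region', aliases: :r,
+option :'aws-region', aliases: :r, type: :string, default: ENV['AWS_REGION'], desc:
 'Your AWS region'
-option :
+option :'aws-vpc-id', aliases: :c, type: :string, desc:
+'Set the VPC ID (for VPC security groups)'
+option :env, aliases: :e, type: :string, desc:
 'Set the environment'
-option :file, aliases: :f,
+option :file, aliases: :f, type: :string, default: "#{Dir.pwd}/SecurityGroups", desc:
 'The location of the SecurityGroups file to use'
-option :verbose, aliases: :v,
+option :verbose, aliases: :v, type: :boolean, desc:
 'Enable verbose output'
 desc 'apply [OPTIONS]', 'apply the defined security groups to ec2'
 def apply
@@ -53,6 +55,7 @@ module HolePunch
 aws_access_key_id: options[:'aws-access-key'],
 aws_secret_access_key: options[:'aws-secret-access-key'],
 aws_region: options[:'aws-region'],
+aws_vpc_id: options[:'aws-vpc-id'],
 })
 rescue EnvNotDefinedError => e
 Logger.fatal('You have security groups that use an environment, but you did not specify one. See --help')
@@ -72,7 +75,7 @@ module HolePunch
 def service(name = nil)
 Logger.verbose = options[:verbose]
 
-definition =
+definition = DSL.evaluate(options[:file], options[:env])
 
 if options[:list]
 definition.services.keys.sort.each do |name|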
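Review bot: Declaring `default: ENV['AWS_SECRET_ACCESS_KEY']` on the `aws-secret-access-key` option (first hunk) copies the secret into the option's metadata, and Thor normally prints an option's default in its help text, so running help in a shell or CI job that exports the variable would likely echo the key into the terminal or build log. I would drop `default:` from that option and resolve the fallback where the value is consumed, e.g. `aws_secret_access_key: options[:'aws-secret-access-key'] || ENV['AWS_SECRET_ACCESS_KEY'],` in the hash of the second hunk. The same pattern on `aws-access-key` discloses the key ID and is worth changing for consistency. The `apply` body starts and ends outside these hunks.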
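--- a/data/lib/holepunch/definition.rb
+++ b/data/lib/holepunch/definition.rb
@@ -70,18 +70,7 @@ module HolePunch
 attr_reader :groups
 attr_reader :services
 
-
-def build(file, env)
-filename = Pathname.new(file).expand_path
-unless filename.file?
-raise SecurityGroupsFileNotFoundError, "#{filename} not found"
-end
-
-DSL.evaluate(file, env)
-end
-end
-
-def initialize(env = nil)
+def initialize(env)
 @env = env
 @groups = {}
 @services = {}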
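--- a/data/lib/holepunch/dsl.rb
+++ b/data/lib/holepunch/dsl.rb
@@ -71,7 +71,7 @@ module HolePunch
 
 def icmp(*sources)
 sources << '0.0.0.0/0' if sources.empty?
-@model.ingresses << Permission.new(:icmp,
+@model.ingresses << Permission.new(:icmp, 0, sources.flatten)
 end
 alias_method :ping, :icmp
 
@@ -88,6 +88,11 @@ module HolePunch
 
 class DSL < BaseDSL
 def self.evaluate(filename, env)
+path = Pathname.new(filename).expand_path
+unless path.file?
+raise SecurityGroupsFileNotFoundError, "#{filename} not found"
+end
+
 DSL.new(env).eval_dsl(filename)
 end
 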
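Review bot: In `DSL.evaluate` (second hunk) the existence check runs on the expanded `path`, but both the error message and the `eval_dsl` call still use the raw `filename`, so the file that is validated and the file that is evaluated are named by two different strings. A value such as `~/SecurityGroups` passes `path.file?` and is then handed unexpanded to `eval_dsl`, whose body is not visible here and may resolve it differently. Since that file is what gets evaluated as the group definition, I would use the checked path throughout: `raise SecurityGroupsFileNotFoundError, "#{path} not found"` and `DSL.new(env).eval_dsl(path.to_s)`. A nil `filename` from a library caller would also raise a `TypeError` from `Pathname.new` rather than the documented error.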
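--- a/data/lib/holepunch/ec2.rb
+++ b/data/lib/holepunch/ec2.rb
@@ -40,6 +40,7 @@ module HolePunch
 
 @ec2 = AWS::EC2.new
 @region = @ec2.regions[opts[:aws_region]]
+@vpc_id = opts[:aws_vpc_id]
 end
 
 def apply(definition)
@@ -59,7 +60,7 @@ module HolePunch
 ec2_group = find(id)
 if ec2_group.nil?
 Logger.log(:create, id)
-ec2_group = create(id, group.desc)
+ec2_group = create(id, group.desc, @vpc_id)
 end
 ec2_groups[id] = ec2_group
 end
@@ -82,7 +83,7 @@ module HolePunch
 end
 end
 unless revoke_sources.empty?
-Logger.log("revoke #{ec2_perm.protocol}", "#{id} #{sources_list_to_s(revoke_sources)}")
+Logger.log("revoke #{ec2_perm.protocol}", "#{id} #{sources_list_to_s(revoke_sources)} #{ec2_perm.port_range}")
 ec2_group.revoke_ingress(ec2_perm.protocol, ec2_perm.port_range, *revoke_sources)
 end
 end
@@ -106,7 +107,7 @@ module HolePunch
 end
 end
 unless new_sources.empty?
-Logger.log(perm.type, "#{id} #{sources_list_to_s(new_sources)}")
+Logger.log(perm.type, "#{id} #{sources_list_to_s(new_sources)} #{perm.ports}")
 ec2_group.authorize_ingress(perm.type, perm.ports, *new_sources)
 end
 end
@@ -116,11 +117,13 @@ module HolePunch
 
 private
 def fetch!
-@groups = @region.security_groups.to_a
+@groups = @region.security_groups.to_a.keep_if do |region|
+!@vpc_id == !region.vpc_id
+end
 end
 
-def create(name, description)
-group = @region.security_groups.create(name, description: description)
+def create(name, description, vpc)
+group = @region.security_groups.create(name, description: description, vpc: vpc)
 @groups << group
 group
 end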
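Review bot: The filter added to `fetch!` (last hunk), `!@vpc_id == !region.vpc_id`, only compares whether a VPC ID is present on each side, not the IDs themselves, so once a VPC ID is configured every VPC security group in the region is kept regardless of which VPC owns it. If `find` (outside these hunks) matches groups by name, a same-named group in a different VPC could then receive the `authorize_ingress` and `revoke_ingress` calls shown in the earlier hunks. Comparing the values handles both modes, assuming `vpc_id` is nil for groups outside a VPC as the truthiness test implies: `@groups = @region.security_groups.to_a.select { |group| group.vpc_id == @vpc_id }`. The block parameter is also named `region` although each element is a security group.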
data/lib/holepunch/version.rb
CHANGED
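--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: holepunch
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.3.0
 platform: ruby
 authors:
 - Ben Scott
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2015-01-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: thor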